From 9931ddf95759b694e0ed06c6bf9ae304ad7c4f6d Mon Sep 17 00:00:00 2001
From: gumi <git@gumi.ca>
Date: Tue, 3 Mar 2020 16:41:29 -0500
Subject: auto-fix accounts with no primary identity

---
 src/routers/vault/middlewares/session.js | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/routers/vault/middlewares/session.js b/src/routers/vault/middlewares/session.js
index 336cfcd..8b64165 100644
--- a/src/routers/vault/middlewares/session.js
+++ b/src/routers/vault/middlewares/session.js
@@ -254,7 +254,12 @@ const new_session = async (req, res, next) => {
             return;
         } else {
             // auth flow
-            if (identity.id !== account.primaryIdentity && !account.allowNonPrimary) {
+            if (account.primaryIdentity === null || account.primaryIdentity === undefined) {
+                // the vault account has no primary identity (bug): let's fix this
+                console.warn(`Vault.session: fixing account with no primary identity {${session.vault}} [${req.ip}]`);
+                account.primaryIdentity = identity.id;
+                await account.save();
+            } else if (identity.id !== account.primaryIdentity && !account.allowNonPrimary) {
                 res.status(423).json({
                     status: "error",
                     error: "non-primary login is disabled",
-- 
cgit v1.2.3-60-g2f50